Check SSL expiration dates
The following script is a utility to check the expiration date of SSL certificates of any host.
It displays the remaining validity period of the host and - if these expire within 14 days - also of the "Intermediate" and "Root" certificates.
😉
function checkHost(host){
var url = new java.net.URL("https://" + host);
var result ="";
try {
var conn = url.openConnection();
conn.connect();
var certs = conn.getServerCertificates();
for (var i=0; i<certs.length;i++) {
var xc = certs[i];
var dn = xc.getSubjectDN().getName();
var expiresOn = xc.getNotAfter();
var now = new Date();
println("issuer: " + xc.getIssuerDN());
println("subject DN: " + xc.getSubjectDN());
var days = (expiresOn.getTime() - now.getTime()) / (1000 * 60 * 60 * 24);
if(dn.contains(host) || days<14){
result+=host + ": certificate for "+dn+" expires on :" + expiresOn + ", "+ days + " days to go.\n";
}
}
}
catch (e) {
e.printStackTrace();
return(host + " could not establish connection. Please check!\n");
}
return result;
}
task.description="";
task.description+=checkHost("myhost.com");
task.description+=checkHost("www.google.com");
var url = new java.net.URL("https://" + host);
var result ="";
try {
var conn = url.openConnection();
conn.connect();
var certs = conn.getServerCertificates();
for (var i=0; i<certs.length;i++) {
var xc = certs[i];
var dn = xc.getSubjectDN().getName();
var expiresOn = xc.getNotAfter();
var now = new Date();
println("issuer: " + xc.getIssuerDN());
println("subject DN: " + xc.getSubjectDN());
var days = (expiresOn.getTime() - now.getTime()) / (1000 * 60 * 60 * 24);
if(dn.contains(host) || days<14){
result+=host + ": certificate for "+dn+" expires on :" + expiresOn + ", "+ days + " days to go.\n";
}
}
}
catch (e) {
e.printStackTrace();
return(host + " could not establish connection. Please check!\n");
}
return result;
}
task.description="";
task.description+=checkHost("myhost.com");
task.description+=checkHost("www.google.com");